Skip to content
@FalconForceTeam

FalconForce

Pinned Loading

  1. FalconHound FalconHound Public

    FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log ag…

    Go 819 59

  2. FalconFriday FalconFriday Public

    Hunting queries and detections

    893 111

  3. BOF2shellcode BOF2shellcode Public

    POC tool to convert CobaltStrike BOF files to raw shellcode

    C 222 28

  4. KQLAnalyzer KQLAnalyzer Public

    REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.

    C# 51 18

  5. FalconForge FalconForge Public

    This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deploying a repository of use-cases for the Sentinel and Microsoft 3…

    Python 18 10

  6. SOAPHound SOAPHound Public

    SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

    C# 866 92

Repositories

Showing 10 of 17 repositories
  • FalconHound Public

    FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.

    FalconForceTeam/FalconHound’s past year of commit activity
    Go 819 BSD-3-Clause 59 2 3 Updated Mar 6, 2026
  • NRT-KQL Public

    To create NRT rules, we needed to be certain about the KQL syntax that can and cannot be used. This led us to create our own documentation.

    FalconForceTeam/NRT-KQL’s past year of commit activity
    0 GPL-3.0 0 0 0 Updated Feb 4, 2026
  • TelemetryCollectionManager Public

    Manage and maintain Defender XDR custom collection configuration

    FalconForceTeam/TelemetryCollectionManager’s past year of commit activity
    Go 34 BSD-3-Clause 0 1 0 Updated Nov 19, 2025
  • FalconFriday Public

    Hunting queries and detections

    FalconForceTeam/FalconFriday’s past year of commit activity
    893 BSD-3-Clause 111 1 1 Updated Oct 30, 2025
  • KQLAnalyzer Public

    REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.

    FalconForceTeam/KQLAnalyzer’s past year of commit activity
    C# 51 18 1 0 Updated Sep 22, 2025
  • dAWShund Public

    Putting a leash on naughty AWS permissions

    FalconForceTeam/dAWShund’s past year of commit activity
    Python 135 BSD-3-Clause 10 0 0 Updated Sep 5, 2025
  • reply-url-brute Public

    Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure

    FalconForceTeam/reply-url-brute’s past year of commit activity
    Python 15 BSD-3-Clause 2 0 0 Updated Jan 23, 2025
  • bof-winrm-client Public
    FalconForceTeam/bof-winrm-client’s past year of commit activity
    C++ 128 BSD-3-Clause 19 0 0 Updated Jan 23, 2025
  • bof-winrm-plugin-jump Public
    FalconForceTeam/bof-winrm-plugin-jump’s past year of commit activity
    C++ 33 BSD-3-Clause 2 0 0 Updated Jan 23, 2025
  • SOAPHound Public

    SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

    FalconForceTeam/SOAPHound’s past year of commit activity
    C# 866 GPL-3.0 92 5 1 Updated Feb 3, 2024
View all repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Top languages

Loading…

Most used topics

Loading…